[22.05] Update cryptography to 38.0.3

[natefoo]

Includes an update to the bundled OpenSSL to version 3.0.7 for CVE-2022-3602.

The vulnerability is largely unexploitable but updating is good practice regardless. OpenSSL 3 was introduced in cryptography 37, and 22.01 uses 36, so older Galaxy versions are unaffected. I'm working on a blog post as well.

xref pyca/cryptography#7758

How to test the changes?

(Select all options that apply)

• I've included appropriate automated tests.
• This is a refactoring of components with existing test coverage.
• Instructions for manual testing are as follows:
  1. [add testing steps and prerequisites here if you didn't write automated tests covering all your changes]

License

• I agree to license these and all my past contributions to the core galaxy codebase under the MIT license.

[nsoranzo]

Mulled unit tests and Galaxy packages (py3.10) failures are not related and have been fixed on the dev branch.

[natefoo]

@nsoranzo thanks! The first failure was actually with accessing depot, which was temporal and cleared up after a rerun, but I wasn't sure about the remaining failure.

[github-actions]

This PR was merged without a "kind/" label, please correct.

[hexylena]

Can this should be backported to 22.01 as well, since that's still under our "year of security fixes" umbrella?

[bgruening]

I think 22.01 includes a version that is not affected. The version that we pinned at this time.